Seminars

  • CoaP Seminar (21/11/2022)

    As part of our series La Cybersécurité sur un plateau  (Cybersecurity on a Plate), we will have the following seminars:

    • Aina Toky Rasoamanana, PhD candidate at Télécom SudParis, who will present his work on state machine inference of TLS protocol implementations.
    • Mohamad Mansouri, PhD (CIFRE) candidate at EURECOM / Thales, who will present his work on secure and fault-tolerant aggregation for federated learning.

    The talks will take place at 2 p.m. at the IMT/TP/TSP building (room 3.A405).

    • Aina Toky Rasoamanana - Towards a Systematic and Automatic Use of State Machine Inference to Uncover Security Flaws and Fingerprint TLS Stacks

      TLS is a well-known and thoroughly studied security protocol. In this paper, we focus on a specific class of vulnerabilities affecting TLS implementations, state machine errors. These vulnerabilities are caused by differences in interpreting the standard and correspond to deviations from the specifications, e.g. accepting invalid messages, or accepting valid messages out of sequence. We develop a systematic methodology to infer the state machines of major TLS stacks from stimuli and observations, and to study their evolution across revisions. We use the L* algorithm to compute state machines corresponding to different execution scenarios. We reproduce several known vulnerabilities (denial of service, authentication bypasses), and uncover new ones. We also show that state machine inference is efficient and practical for integration within a continuous integration pipeline, to help find new vulnerabilities or deviations introduced during development.

      With our systematic black-box approach, we study over 400 different versions of server and client implementations in various scenarios (protocol version, options). Using the resulting state machines, we propose a robust algorithm to fingerprint TLS stacks. To the best of our knowledge, this is the first application of this approach on such a broad perimeter, in terms of number of TLS stacks, revisions, or execution scenarios studied.

      This work has been published at ESORICS 2022.

    • Mohamad Mansouri - Learning from Failures: Secure and Fault-Tolerant Secure Aggregation for Federated Learning

      Federated learning allows multiple parties to collaboratively train a global machine learning (ML) model without sharing their private datasets. To make sure that these local datasets are not leaked, existing works propose to rely on a secure aggregation scheme that allows parties to encrypt their model updates before sending them to the central server that aggregates the encrypted inputs.

      In this work, we design and evaluate a new secure and fault-tolerant aggregation scheme for federated learning that is robust against client failures. We first develop a threshold-variant of the secure aggregation scheme proposed by Joye and Libert. Using this new building block together with a dedicated decentralized key management scheme and an input encoding solution, we design a privacy-preserving federated learning protocol that, when executed among n clients, can recover from up to n/3 failures. Our solution is secure against a malicious aggregator who can manipulate messages to learn clients' individual inputs. We show that our solution outperforms the state-of-the-art fault-tolerant secure aggregation schemes in terms of computation cost on the client. For example, with an ML model of 100K parameters, trained with 600 clients, our protocol is 5.5x faster (1.6x faster in case of 180 clients drop).

      This work will appear in ACSAC’22.

  • Grégoire Menguy (4/10/2022)

    We welcome Grégoire Menguy, a former Telecom SudParis student, currently doing a thesis at the CEA. His intervention will take place at 2 p.m. in the IMT/TP/TSP building (room 3.A405).

    • Search-Based Local Blackbox Deobfuscation: Understand, Improve and Mitigate

      Code obfuscation aims at protecting Intellectual Property and other secrets embedded into software from being retrieved. Recent works leverage advances in artificial intelligence (AI) with the hope of getting blackbox deobfuscators completely immune to standard (whitebox) protection mechanisms. While promising, this new field of AI-based, and more specifically search-based blackbox deobfuscation, is still in its infancy. In this work, we deepen the state of search-based blackbox deobfuscation in three key directions: understand the current state-of-the-art, improve over it and design dedicated protection mechanisms. In particular, we define a novel generic framework for search-based blackbox deobfuscation encompassing prior work and highlighting key components; we are the first to point out that the search space underlying code deobfuscation is too unstable for simulation-based methods (e.g., Monte Carlo Tree Search used in prior work) and advocate the use of robust methods such as S-metaheuristics; we propose the new optimized search-based blackbox deobfuscator Xyntia which significantly outperforms prior work in terms of success rate (especially with small time budget) while being completely immune to the most recent anti-analysis code obfuscation methods; and finally we propose two novel protections against search-based blackbox deobfuscation, allowing to counter Xyntia powerful attacks.

      This work has been published at CCS 2021. [Slides]